Protecting Your Business Against Wi-Fi Attacks

Using Wi-Fi in places of business has allowed for increases in efficiency and quality of life. Wi-Fi has allowed the development of Bring Your Own Device (BYOD) policies and allows employees to work from anywhere. The freedom Wi-Fi provides does come with some strings attached.  

When using an ethernet cable, the wire itself protects your data as it travels. Wi-Fi transfers data by shotgun blasting through the air. This is great for accessing your data anywhere, but not so ideal for protecting your data.  

Wi-Fi Attacks  

With data flying free, a hacker could find a way to pick the data out of the air. While it’s not that simple, Wi-Fi connections do pose risks you may not have considered. Below is a list of examples of Wi-Fi attacks to get you in the know.  

Packet Sniffing:  

This method of Wi-Fi attack involves spying on data transfers. Packet sniffers allow hackers to see the network traffic as it travels over Wi-Fi. An alarming amount of unencrypted data gets transferred over Wi-Fi; this is what the hacker targets. Packet sniffing occurs regularly on insecure public Wi-Fi hotspots. Be wary of using hotspots when handling sensitive data.  

WEP Attacks:  

Wired Equivalent Privacy (WEP) is the old standard of Wi-Fi security. Despite the deprecation of WEP long ago, some businesses use it thinking it will be secure enough. Now, a proficient hacker will be able to break into a WEP network like it’s nothing. Wi-Fi Protected Access 2 or 3 (WPA2/3) are the new standards and all businesses should be adopting them. 

Man-in-the-middle (MitM) Attacks:  

This type of attack relies upon a hacker tricking you into connecting with their computer. When you connect with the hacker, they can see the other devices your computer is communicating with. MitM attacks pose more of a risk than packet sniffers, as a hacker can alter the data you send them. They can then disguise themselves as you, and send the altered data to your originally intended destination. 

Evil Twin:  

Hackers use social engineering tricks to get you to connect to a fake Wi-Fi network. With an evil twin attack, a hacker will set up a Wi-Fi network that looks trustworthy. The exploit works because many devices only recognise a Wi-Fi network by its SSID i.e. the Wi-Fi network’s name tag. When an unsuspecting user connects to the fake network, a hacker can spy on transferred data. 

Wardriving and Warshipping:  

Hackers use the technique to discover vulnerable access points by visiting them in person. Wardriving refers to hackers driving around, parking next to a business, and scoping the Wi-Fi network. Wi-Fi networks can often be accessed from outside a business’s building. This allows hackers to look for vulnerabilities at your doorstep. Warshipping involves mailing small devices with Wi-Fi elements to businesses. If mail is kept on the business premises, these devices can scope out the network from the inside. 

WEP and WPA – What You Need to Know 

The key to healthy Wi-Fi security is the encryption protocol you use. WEP, WPA, WPA2, and WPA3 are all common Wi-Fi encryption protocols. Their job is to protect your data transmitted wirelessly. Wireless data transfer is much less secure than wired. Wi-Fi encryption protocols aim to shorten the gap in security between the two. 

• Wired Equivalent Privacy (WEP): WEP is essentially solved by hackers. Since its introduction in 1999, hackers have had ample time to find exploits that allow easy access. WEP is used now by the tech illiterate who haven’t changed default security on their outdated routers. It is also used in rare cases to facilitate very old technology that does not support modern encryption. 
• Wi-Fi Protected Access (WPA): WPA is the standard of wireless security in the modern-day. Many modern devices have adopted support for WPA3 – the most recent update to the WPA protocol. WPA3 made steps to remedy exploits that have been present in the WPA protocol since its launch in 2004. Many organisations have to make do with WPA2 until more devices adopt support for WPA3. 

Aside from some niche cases, WEP should never see use. While bad security is better than no security, WEP is barely better than nothing nowadays. WPA3 should be the standard for many organisations. If your organisation uses devices that do not support WPA3, other Wi-Fi security methods can supplement WPA2. 

Protecting Yourself From Wi-Fi Attacks 

• As stated above, make sure your organisation’s wireless network is using WPA2 or WPA3. This should be your Wi-Fi security baseline. 
• Customise your router’s SSID to make it more secure. If you have an easily identifiable network, users are less likely to connect to an Evil Twin. 
• If you have guest Wi-Fi in your building, keep it separate from the employee Wi-Fi. People on a guest network won’t be able to see employee traffic. 
• Avoid accessing company data on public Wi-Fi hotspots. When using these hotspots, hackers can use packet sniffing techniques to spy on your data. 
• Set up a VPN for your device for further protection when connecting to your organisation’s network from outside the office.  

Securiwiser Can Help 

If you are worried about the security of your business, Securiwiser can help. Securiwiser is a cybersecurity vulnerability assessment suite designed to boost your cybersecurity posture. 

Using Securiwiser’s advanced assessment tools, you can see how the changes you make affect your organisation’s cybersecurity rating in real-time. 

Learn how to stay protected today by receiving your free cybersecurity report here.